Hi Guy, On 28 Sep 2006 at 12:54, Guy Deslauriers wrote:
> Micheal, Paul, > > What you're proposing is inhibiting TLS announce by the Mail server within > ASSP, right? If that's the case, I don't think it's a good idea, unless > it's explicitly advertised that installing ASSP will disable STARTTLS > functionality. Some people might be attached to TLS capabilities; else it > wouldn't be used that much :-) Yes, but ASSP already inhibits TLS for most other servers, it was just by chance that it didn't inhibit it for IMail. The amendment makes that consistent. I agree that there's no explicit statement to that effect (TTBOMK) in the ASSP documentation - but that is all on the todo list, and I hope to make a contribution there. > > Though this could be used as a temporary measure, but I think we should find > a way to integrate TLS support within ASSP in future version if the mail > server supports it. Imagine how complete ASSP would then be... Yes, that may be nice at some stage. I don't know what effort might be required nor whether an external product might do the job. > Since noticing that glitch with my installation and disabling ASSP, I'm > seeing TONS of TLS connection hitting my server, even unsolicited email (go > figure). So my first though about allowing specific TLS MTAs IP to pass > thru unseen, is out of question. There must be a way to log TLS request > with sender domain and have a TLS/SSL section in ASSP to configure all this. > > An old FAQ on TLS support by ASSP, was saying that TLS support was out of > ASSP scope. I personally think it should be revised. I don't mind admitting it's been a steep learning curve for me over the last few days. I have a test server that I've been using without ASSP and I've been surprised at how many servers routinely send MTA to MTA via TLS if they can. Mine is a self-signed certificate, so the senders don't care *where* they are sending mail, but they are making sure it's encrypted. Paul ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Assp-user mailing list Assp-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-user
